[mythtv-users] MythWeb over HTTPS using mod_rewrite

Joe Nyland joe at joenyland.co.uk
Fri May 25 21:01:42 UTC 2012


Simon Hobson wrote:
> Ah, just had a thought on your problem.
> I'd have a look at the source and see what is in the function 
> "list_update" which is called by the time navigation buttons and 
> menus. I'm just thinking that if the "http" is hard coded (rather than 
> using the protocol from the page request) then the time navigation 
> would be trying to use http instead of https.
Well I had a look through the code. I'm no developer; I'm not able to 
understand much of the code, so I've just been simply grepping for 
http:// in a recent tarball from GitHub :-D

One thing that caught my eye was this result:
/Users/Joe/Downloads/MythTV-mythweb-8c43d8d/includes/defines.php:    
$root_url = (isset($_SERVER['HTTPS']) && $_SERVER['HTTPS'] == 'on') ? 
'https://' : 'http://';

 From this, I would deduce that MythWeb is trying to determine if the 
web server that it's running from is actually serving on HTTPS or just 
HTTP and adjusting $root_url accordingly. It may be that because Apache 
on the MythTV backend server is only running HTTP and not HTTPS, MythWeb 
is only outputting HTTP links and refs... Or am I on the wrong lines?
> Yes, but if you see some HTTP in there as well then it might give you 
> a clue.
> Or it might just confirm that when you change date, there is some 
> traffic to the server - whether it gets answered or not may be a clue.
Yes, see my response to Ron below. In short; there are lots of requests 
for HTTP even though the page was re-written by mod_rewrite to HTTPS.



On 25/05/2012 16:05, Ronald Frazier wrote:
> OK, on further thought, I'm not even sure how the rewrite rule comes 
> into play. It seems like it's used to redirect an HTTP request to 
> HTTPS. However, once that is done, I would think the rewrite rule 
> should never be invoked again.
I'm pretty sure I saw this happen when watching the requests in Firebug 
as I browsed around the listings area of MythWeb - the request for the 
page is re-written successfully to HTTPS, however all links from the 
page show up as HTTP, for example if you hover over a programme title. 
If I attempt to change the time frame, I do indeed get lots of requests 
logged for HTTP, even though the page I was navigating from was served 
on HTTPS.
> On my system, HTTPS works fine with mythweb. I never get any warnings 
> that an HTTPS page is loading resources from HTTP, and looking at the 
> firebug Net tab, all of the request being sent remain HTTPS. I'm 
> thinking your problem may be something else.
Are you using mod_rewrite to force HTTPS, or is MythWeb actually running 
on HTTPS?
> Does your proxy work propery with form.
As far as I know, yes. I don't have any issues with forms in any of the 
other sites I run through reverse_proxy.
> Looking at it now, I see that the Listing's time box uses a POST 
> rather than a GET. If you go to the Upcoming Recordings page, does the 
> boxes at the top (for filtering what recordings to display) work properly?
Unfortunately not - I see the same behaviour, no matter what I use to 
change the time frame that I'm viewing on the listings page.

Thanks guys.

Joe


More information about the mythtv-users mailing list